https://bugzilla.redhat.com/show_bug.cgi?id=1404645
Bug ID: 1404645
Summary: CVE-2016-681 activemq: Cross-site scripting in web
based administration console
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: abhgupta(a)redhat.com, agrimm(a)gmail.com,
aileenc(a)redhat.com, ccoleman(a)redhat.com,
chazlett(a)redhat.com, dedgar(a)redhat.com,
dmcphers(a)redhat.com, gvarsami(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jcoleman(a)redhat.com, jgoulding(a)redhat.com,
jialiu(a)redhat.com, joelsmith(a)redhat.com,
jokerman(a)redhat.com, kconner(a)redhat.com,
kseifried(a)redhat.com, ldimaggi(a)redhat.com,
lmeyer(a)redhat.com, mmccomas(a)redhat.com,
nwallace(a)redhat.com, pavelp(a)redhat.com,
puntogil(a)libero.it, rwagner(a)redhat.com,
soa-p-jira(a)post-office.corp.redhat.com, s(a)shk.io,
tcunning(a)redhat.com, tdawson(a)redhat.com,
tiwillia(a)redhat.com, tkirby(a)redhat.com
An instance of a cross-site scripting vulnerability was identified to be
present in the web based administration console. The root cause of this issue
is improper user data output validation.
Affected versions: ActiveMQ 5.0.0 - 5.14.1
External Reference:
http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcem…
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1438104
Bug ID: 1438104
Summary: bridge-method-injector-1.15 is available
Product: Fedora
Version: rawhide
Component: bridge-method-injector
Keywords: FutureFeature, Triaged
Assignee: msrb(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msrb(a)redhat.com
Latest upstream release: 1.15
Current version/release in rawhide: 1.14-6.fc26
URL: https://github.com/infradna/bridge-method-injector
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/218/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1442391
Bug ID: 1442391
Summary: gradle-3.5.0 is available
Product: Fedora
Version: rawhide
Component: gradle
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com
Latest upstream release: 3.5.0
Current version/release in rawhide: 2.13-7.fc26
URL: http://www.gradle.org/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/6088/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1413340
Bug ID: 1413340
Summary: fop doesn't include fontbox on classpath
Product: Fedora
Version: 25
Component: fop
Severity: low
Assignee: r.landmann(a)redhat.com
Reporter: brad(a)facefault.org
QA Contact: extras-qa(a)fedoraproject.org
CC: c.david86(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com,
rhbugs(a)n-dimensional.de, r.landmann(a)redhat.com
Description of problem:
fop requires fontbox for OpenType CFF fonts; fontbox is a dependency of the
rpm, but is not used by the /usr/bin/fop script.
Version-Release number of selected component (if applicable):
2.0-3.fc24 (yes, this is from the FC25 repo)
How reproducible:
Steps to Reproduce:
1. Use fop to process an FO file that uses an .otf font (e.g. Junction from
tlomt-junction-fonts).
Actual results:
An error is displayed stating "The Fontbox jar was not found in the classpath.
This is required for OTF CFF ssupport"
Expected results:
The FO is successfully converted to PDF without errors.
Additional info:
fontbox is missing from the set_classpath call at ll 28-30 of fop.script.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1400256
Bug ID: 1400256
Summary: testng: 6.10 is available
Product: Fedora
Version: rawhide
Component: testng
Assignee: puntogil(a)libero.it
Reporter: puntogil(a)libero.it
QA Contact: extras-qa(a)fedoraproject.org
CC: jaromir.capik(a)email.cz,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, puntogil(a)libero.it
Latest upstream release: 6.10
Current version/release in rawhide: 6.9.12-1.fc26
URL: https://github.com/cbeust/testng/tags
Fix https://github.com/cbeust/testng/issues/1168
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1324814
Bug ID: 1324814
Summary: [PATCH] doc fix request for insecure find examplůe
Product: Fedora
Version: rawhide
Component: javapackages-tools
Assignee: mizdebsk(a)redhat.com
Reporter: praiskup(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
mat.booth(a)redhat.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com, msrb(a)redhat.com
Created attachment 1144680
--> https://bugzilla.redhat.com/attachment.cgi?id=1144680&action=edit
Fix.
--
You are receiving this mail because:
You are on the CC list for the bug.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: Please build jtidy for EPEL 6
https://bugzilla.redhat.com/show_bug.cgi?id=719628
Summary: Please build jtidy for EPEL 6
Product: Fedora
Version: rawhide
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: unspecified
Priority: unspecified
Component: jtidy
AssignedTo: SpikeFedora(a)gmail.com
ReportedBy: redhat-bugzilla(a)linuxnetz.de
QAContact: extras-qa(a)fedoraproject.org
CC: dbhole(a)redhat.com, robert.scheck(a)etes.de,
SpikeFedora(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org
Classification: Fedora
Story Points: ---
Description of problem:
Please build jtidy from Fedora 15 for EPEL 6, because it is required to
build dom4j in EPEL 6.
Version-Release number of selected component (if applicable):
jtidy-1.0-0.10.20100930svn1125.fc15
Additional info:
Please let me know, if you just don't want to be the maintainer for the
jtidy EPEL 6 package...
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1442054
Bug ID: 1442054
Summary: maven-surefire-2.20 is available
Product: Fedora
Version: rawhide
Component: maven-surefire
Keywords: FutureFeature, Triaged
Assignee: mizdebsk(a)redhat.com
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, jaromir.capik(a)email.cz,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com
Latest upstream release: 2.20
Current version/release in rawhide: 2.19.1-6.fc26
URL: http://repo2.maven.org/maven2/org/apache/maven/surefire/surefire/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1944/
--
You are receiving this mail because:
You are on the CC list for the bug.